The SitePoint Forums have moved.

You can now find them here.
This forum is now closed to new posts, but you can browse existing content.
You can find out more information about the move and how to open a new account (if necessary) here.
If you get stuck you can get support by emailing forums@sitepoint.com

If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

A secure log in system would probably be easiest and still very safe if you used $_SESSION.
Go to www.php.net, find a language that best suits you, and read a documentation on sessions. The format usually is something like this though:

If knowledge is power - Why isn't our army librarians?!Statistics show that 63% of all statistics are fake.When i was little i broke my neck, and i havent looked back since .
I completed the internet in 1 week. The end boss was pretty easy though .

Step 2:
Say you're logged in and you password is crypted in a cookie. If I can get this crypted password, I can assign it to a cookie on my PC and log-in for you.
How can I get this cookie? Easy if I have access to your computer. There's another way, but I don't want to talk about it.

Anyway, you can rest assured that is safe enough. It's nowhere near 100% safe, but at the end a lot of sites are doing it and it works for them. The forum in which we're discussing this now (vBulletin) is also storing crypted passwords in cookies.

Yeah, a Widow Maker makes a very good point (Dude, consider changing your nick to Good Point Maker or SitePoint Maker or a combination ). It all depends on how important the protected area is. Ask yourself the question where's do you see the balance between convenience and security.

OK, KSA, since you insist.
It's possible to get a remotely stored cookie in those rare occasions when you allow your visitors to post on your site. If you don't strip out the HTML code from their postings they can inject malicious javascript that can read/send the cookie information.
You know that when you set a cookie with PHP, you can read it with JavaScript.